<?php
/*
 * @Author: your name
 * @Date: 2020-05-21 18:36:21
 * @LastEditTime: 2020-12-10 15:49:58
 * @LastEditors: Please set LastEditors
 * @Description: In User Settings Edit
 * @FilePath: /v3/application/adminapiv3/service/attackLogManage/networkLogManage/NetworkLogService.php
 */ 
namespace app\adminapiv3\service\attackLogManage\networkLogManage;

use app\adminapiv3\service\attackLogManage\AttackLogService;

class NetworkLogService extends AttackLogService
{
    /**
     * @name: 列表
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 09:42:11
     */
    function list ($input)
    {
        $input['host_id']= $this->belongedHost();

        $return = $this->DbList($input);

        if(empty($return['data']))
        {
            return $return;
        }

        //查询用户所在组管理的主机
        $host_id_arr = $this->findGroupHost();


        $levelArray = array(
            1 => '极高',
            2 => '极高',
            3 => '高',
            4 => '中',
            5 => '低',
        );

        $networkType_a = db('ips_type')->column('show_name', 'id');

        foreach ($return['data'] as $k => $v)
        {
            //规则状态
            if($v['rule_id'] > 600000000){//自定义规则
                $ruleStatus = db('ips_rule')
                    ->where('host_id', $v['host_id'])
                    ->where('sid', $v['rule_id'])
                    ->value('status');
            }else{//官方规则
                $ruleStatus = db('host_normal_rule_relation')->alias('hr')
                    ->join('ips_normal_rule nr', 'hr.rule_id = nr.id')
                    ->where('hr.host_id', $v['host_id'])
                    ->where('sid', $v['rule_id'])
                    ->value('status');
            }


            $tmp['id'] = $v['id'];
            $tmp['host_id'] = $v['host_id'];
            $tmp['description'] = $v['description'];
            $tmp['domain_name'] = $v['domain_name'];
            $tmp['url'] = $v['url'];
            $tmp['atime'] = $v['atime'];//攻击时间
            $tmp['type'] = isset($networkType_a[$v['type']]) ? $networkType_a[$v['type']] : ''; //攻击类型
            $tmp['level'] = $levelArray[$v['level']];
            $tmp['handle'] = $v['handle'] == 1 ? '仅记录' : '已阻止';
            $tmp['rule_id'] = $v['rule_id'];
            $tmp['allow_ip_rule_id'] = $v['allow_ip_rule_id'];
            $tmp['event_id'] = $v['event_id'];
            $tmp['status'] = $ruleStatus == 1 ? 1 : 0 ;
            $tmp['src_ip'] = $v['src_ip'];
            $tmp['is_option'] = in_array($v['host_id'], $host_id_arr) ? 1 : 0;

            $tmp['app_proto'] = $v['app_proto'];
            $tmp['http_user_agent'] = $v['http_user_agent'];
            $tmp['http_method'] = $v['http_method'];
            $tmp['http_protocol'] = $v['http_protocol'];

            $tmp['attack_dest'] =  $v['dest_ip'] . ':' . $v['dest_port'] .
                '(' . $v['dest_country'] . $v['dest_province'] .
                $v['dest_city'] . $v['dest_detail'] . ')'; //攻击目标

            $tmp['attack_src'] = $v['src_ip'] . ':' . $v['src_port'] . '(' . $v['src_country']
                . $v['src_province'] . $v['src_city']
                . $v['src_detail'] . ')'; //攻击来源


            $return['data'][$k] = $tmp;

        }


        return $return;
    }

    /**
     * @name: 删除
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 10:57:44
     */
    function delete ($id_s)
    {
        $host_id_a = $this->nowGroupHost();
        db('NetworkAttack')->whereIn('id', $id_s)->whereIn('host_id', $host_id_a)->delete();
    }

    /**
     * @name: 删除
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 10:57:44
     */
    function clear ()
    {
        $host_id_a = $this->nowGroupHost();
        db('NetworkAttack')->whereIn('host_id', $host_id_a)->delete();
    }

    /**
     * @name: 数据库列表
     * @Param: 
     * @Description: 
     * @Author: foo
     * @Date: 2020-05-22 09:50:31
     */
    function DbList ($filterData)
    {
        // 首先更新已经看了的
        db('network_attack')
            ->whereIn('host_id', $filterData['host_id'])
            ->where('is_look', 0)
            ->update(['is_look' => 1]);


        $fields = 'na.id,na.host_id,na.atime,na.ctime,na.description,na.domain_name,
        na.url,na.handle,na.rule_id,na.level,na.type,na.allow_ip_rule_id,
        na.src_ip,na.dest_ip, na.app_proto,
        nad.event_id, nad.dest_port, nad.dest_country, nad.dest_province, nad.dest_city, nad.dest_detail,
        nad.src_port, nad.src_country, nad.src_province, nad.src_city, nad.src_detail,
        nad.http_user_agent, nad.http_method, nad.http_protocol';

        $server = db('NetworkAttack')->alias('na')
            ->join('host h', 'na.host_id = h.id')
            ->join('network_attack_detail nad', 'na.id = nad.event_id')
            ->field($fields)->order('na.id', 'desc')
            ->whereIn('na.host_id', $filterData['host_id']);

        !isset($filterData['description']) || empty($filterData['description']) ? : $server->whereLike('na.description', '%'. $filterData['description'] . '%');
        !isset($filterData['src_ip']) || empty($filterData['src_ip']) ? : $server->whereLike('na.src_ip', '%'. $filterData['src_ip'] .'%');
        !isset($filterData['dest_ip']) || empty($filterData['dest_ip']) ? : $server->whereLike('na.dest_ip', '%'. $filterData['dest_ip'] .'%');
        if (isset($filterData['atime']) && !empty($filterData['atime']))
        {
            $stime = strtotime($filterData['atime']);
            $etime = $stime + 86400;
            $server->whereBetween('na.atime', [$stime,$etime]);
        }

        !isset($filterData['level']) || !is_numeric($filterData['level']) ? : $server->where('na.level', $filterData['level']);

        if (isset($filterData['handle']) && is_numeric($filterData['handle'])) {

            if($filterData['handle'] == 1){

                $server->where('na.handle','=', 1);

            }else{
                $server->where('na.handle','<>', 1);
            }
        }


        $return = $server->paginate($filterData['limit'])->toArray();

        return $return;
    }

}